Truncate after Preamble: PHY-based Starvation Attacks on IoT Networks

Abstract

We present and evaluate Truncate-after-Preamble (TaP) attacks, whereby a receiver cannot decode an incoming signal despite good channel conditions. In a TaP attack, the attacker announces a large payload length using a standard preamble and packet length field, but omits to transmit the payload. We implement the TaP attack on a SDR platform, and evaluate the effectiveness of the attack on five Zigbee and seven Wi-Fi devices sold by different manufacturers. We show that all of the Zigbee devices are vulnerable to the attack, while the Wi-Fi devices are vulnerable to the attack to varying degrees. Chiefly, we show that an attacker can cause over 90% packet loss on a Zigbee or Wi-Fi channel, using respectively six or five orders of magnitude less energy than a constant jammer would. Finally, we present several methods, with different degrees of sophistication, for detecting the attacks.

References

• Accepted to WiSec2020: ACM Reference Format:Stefan Gvozdenovic, Johannes K Becker, John Mikulskis, and David Starobinski. 2020. Truncate after Preamble: PHY-based Starvation Attacks on IoTNetworks. In 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec ’20), July 8–10, 2020, Linz (Virtual Event), Austria.ACM, New York, NY, USA, 10 pages. https://doi.org/10.1145/3395351.3399356
• Author version: http://people.bu.edu/staro/WiSec_2020_author.pdf